database_manager.h revision f8ee788a64d60abd8f2d742a5fdedde054ecd910
12a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)// Copyright (c) 2012 The Chromium Authors. All rights reserved. 22a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)// Use of this source code is governed by a BSD-style license that can be 32a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)// found in the LICENSE file. 42a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)// 52a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)// The Safe Browsing service is responsible for downloading anti-phishing and 62a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)// anti-malware tables and checking urls against them. 72a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 82a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#ifndef CHROME_BROWSER_SAFE_BROWSING_DATABASE_MANAGER_H_ 92a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#define CHROME_BROWSER_SAFE_BROWSING_DATABASE_MANAGER_H_ 102a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 112a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include <deque> 122a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include <map> 132a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include <set> 142a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include <string> 152a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include <vector> 162a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 172a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include "base/callback.h" 187d4cd473f85ac64c3747c96c277f9e506a0d2246Torne (Richard Coles)#include "base/containers/hash_tables.h" 192a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include "base/memory/ref_counted.h" 202a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include "base/memory/scoped_ptr.h" 212a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include "base/synchronization/lock.h" 22eb525c5499e34cc9c4b825d6d9e75bb07cc06aceBen Murdoch#include "base/time/time.h" 232a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include "chrome/browser/safe_browsing/protocol_manager.h" 242a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include "chrome/browser/safe_browsing/safe_browsing_util.h" 25eb525c5499e34cc9c4b825d6d9e75bb07cc06aceBen Murdoch#include "url/gurl.h" 262a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 272a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)class SafeBrowsingService; 282a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)class SafeBrowsingDatabase; 292a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 302a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)namespace base { 312a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)class Thread; 322a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)} 332a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 342a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)namespace net { 352a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)class URLRequestContext; 362a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)class URLRequestContextGetter; 372a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)} 382a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 392a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)namespace safe_browsing { 402a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)class ClientSideDetectionService; 412a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)class DownloadProtectionService; 422a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)} 432a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 442a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)// Construction needs to happen on the main thread. 452a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)class SafeBrowsingDatabaseManager 462a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) : public base::RefCountedThreadSafe<SafeBrowsingDatabaseManager>, 472a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) public SafeBrowsingProtocolManagerDelegate { 482a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) public: 492a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) class Client; 502a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 512a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Bundle of SafeBrowsing state while performing a URL or hash prefix check. 522a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) struct SafeBrowsingCheck { 532a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // |check_type| should correspond to the type of item that is being 542a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // checked, either a URL or a binary hash/URL. We store this for two 552a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // purposes: to know which of Client's methods to call when a result is 562a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // known, and for logging purposes. It *isn't* used to predict the response 572a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // list type, that is information that the server gives us. 582a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) SafeBrowsingCheck(const std::vector<GURL>& urls, 592a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) const std::vector<SBFullHash>& full_hashes, 602a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) Client* client, 6158537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) safe_browsing_util::ListType check_type, 6258537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) const std::vector<SBThreatType>& expected_threats); 632a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) ~SafeBrowsingCheck(); 642a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 652a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Either |urls| or |full_hashes| is used to lookup database. |*_results| 662a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // are parallel vectors containing the results. They are initialized to 672a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // contain SB_THREAT_TYPE_SAFE. 682a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) std::vector<GURL> urls; 692a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) std::vector<SBThreatType> url_results; 702a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) std::vector<SBFullHash> full_hashes; 712a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) std::vector<SBThreatType> full_hash_results; 722a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 732a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) Client* client; 742a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) bool need_get_hash; 752a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) base::TimeTicks start; // When check was sent to SB service. 762a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) safe_browsing_util::ListType check_type; // See comment in constructor. 7758537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) std::vector<SBThreatType> expected_threats; 782a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) std::vector<SBPrefix> prefix_hits; 79cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) std::vector<SBFullHashResult> cache_hits; 802a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 812a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Vends weak pointers for TimeoutCallback(). If the response is 822a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // received before the timeout fires, factory is destructed and 832a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // the timeout won't be fired. 842a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // TODO(lzheng): We should consider to use this time out check 852a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // for browsing too (instead of implementin in 862a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // safe_browsing_resource_handler.cc). 872a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) scoped_ptr<base::WeakPtrFactory< 882a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) SafeBrowsingDatabaseManager> > timeout_factory_; 892a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 902a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) private: 912a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) DISALLOW_COPY_AND_ASSIGN(SafeBrowsingCheck); 922a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) }; 932a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 942a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) class Client { 952a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) public: 962a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) void OnSafeBrowsingResult(const SafeBrowsingCheck& check); 972a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 982a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) protected: 992a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) virtual ~Client() {} 1002a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1012a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Called when the result of checking a browse URL is known. 1022a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) virtual void OnCheckBrowseUrlResult(const GURL& url, 1032a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) SBThreatType threat_type) {} 1042a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1052a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Called when the result of checking a download URL is known. 1062a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) virtual void OnCheckDownloadUrlResult(const std::vector<GURL>& url_chain, 1072a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) SBThreatType threat_type) {} 1082a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1092a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Called when the result of checking a set of extensions is known. 1102a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) virtual void OnCheckExtensionsResult( 1112a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) const std::set<std::string>& threats) {} 1122a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) }; 1132a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1142a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Creates the safe browsing service. Need to initialize before using. 1152a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) explicit SafeBrowsingDatabaseManager( 1162a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) const scoped_refptr<SafeBrowsingService>& service); 1172a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1182a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Returns true if the url's scheme can be checked. 1192a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) bool CanCheckUrl(const GURL& url) const; 1202a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1212a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Returns whether download protection is enabled. 1222a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) bool download_protection_enabled() const { 1232a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) return enable_download_protection_; 1242a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) } 1252a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1262a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Called on the IO thread to check if the given url is safe or not. If we 1272a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // can synchronously determine that the url is safe, CheckUrl returns true. 1282a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Otherwise it returns false, and "client" is called asynchronously with the 1292a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // result when it is ready. 1302a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) virtual bool CheckBrowseUrl(const GURL& url, Client* client); 1312a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1322a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Check if the prefix for |url| is in safebrowsing download add lists. 1332a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Result will be passed to callback in |client|. 1342a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) virtual bool CheckDownloadUrl(const std::vector<GURL>& url_chain, 1352a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) Client* client); 1362a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1372a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Check which prefixes in |extension_ids| are in the safebrowsing blacklist. 1382a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Returns true if not, false if further checks need to be made in which case 1392a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // the result will be passed to |client|. 1402a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) virtual bool CheckExtensionIDs(const std::set<std::string>& extension_ids, 1412a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) Client* client); 1422a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 14390dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) // Check if the given url is on the side-effect free whitelist. 14490dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) // Can be called on any thread. Returns false if the check cannot be performed 14590dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) // (e.g. because we are disabled or because of an invalid scheme in the URL). 14690dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) // Otherwise, returns true if the URL is on the whitelist based on matching 14790dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) // the hash prefix only (so there may be false positives). 14890dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) virtual bool CheckSideEffectFreeWhitelistUrl(const GURL& url); 14990dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) 1502a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Check if the |url| matches any of the full-length hashes from the 1512a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // client-side phishing detection whitelist. Returns true if there was a 1522a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // match and false otherwise. To make sure we are conservative we will return 1532a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // true if an error occurs. This method is expected to be called on the IO 1542a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // thread. 1552a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) virtual bool MatchCsdWhitelistUrl(const GURL& url); 1562a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1570f1bc08d4cfcc34181b0b5cbf065c40f687bf740Torne (Richard Coles) // Check if the given IP address (either IPv4 or IPv6) matches the malware 1580f1bc08d4cfcc34181b0b5cbf065c40f687bf740Torne (Richard Coles) // IP blacklist. 1590f1bc08d4cfcc34181b0b5cbf065c40f687bf740Torne (Richard Coles) virtual bool MatchMalwareIP(const std::string& ip_address); 1600f1bc08d4cfcc34181b0b5cbf065c40f687bf740Torne (Richard Coles) 1612a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Check if the |url| matches any of the full-length hashes from the 1622a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // download whitelist. Returns true if there was a match and false otherwise. 1632a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // To make sure we are conservative we will return true if an error occurs. 1642a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // This method is expected to be called on the IO thread. 1652a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) virtual bool MatchDownloadWhitelistUrl(const GURL& url); 1662a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1672a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Check if |str| matches any of the full-length hashes from the download 1682a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // whitelist. Returns true if there was a match and false otherwise. 1692a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // To make sure we are conservative we will return true if an error occurs. 1702a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // This method is expected to be called on the IO thread. 1712a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) virtual bool MatchDownloadWhitelistString(const std::string& str); 1722a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 17358e6fbe4ee35d65e14b626c557d37565bf8ad179Ben Murdoch // Check if the CSD malware IP matching kill switch is turned on. 17458e6fbe4ee35d65e14b626c557d37565bf8ad179Ben Murdoch virtual bool IsMalwareKillSwitchOn(); 17558e6fbe4ee35d65e14b626c557d37565bf8ad179Ben Murdoch 176cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) // Check if the CSD whitelist kill switch is turned on. 177cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) virtual bool IsCsdWhitelistKillSwitchOn(); 178cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) 1792a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Called on the IO thread to cancel a pending check if the result is no 1802a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // longer needed. 1812a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) void CancelCheck(Client* client); 1822a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1832a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Called on the IO thread when the SafeBrowsingProtocolManager has received 1842a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // the full hash results for prefix hits detected in the database. 185cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) void HandleGetHashResults(SafeBrowsingCheck* check, 186cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) const std::vector<SBFullHashResult>& full_hashes, 187cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) const base::TimeDelta& cache_lifetime); 1882a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1892a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Log the user perceived delay caused by SafeBrowsing. This delay is the time 1902a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // delta starting from when we would have started reading data from the 1912a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // network, and ending when the SafeBrowsing check completes indicating that 1922a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // the current page is 'safe'. 1932a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) void LogPauseDelay(base::TimeDelta time); 1942a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 1952a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Called to initialize objects that are used on the io_thread. This may be 1962a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // called multiple times during the life of the DatabaseManager. Should be 1972a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // called on IO thread. 1982a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) void StartOnIOThread(); 1992a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 2002a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Called to stop or shutdown operations on the io_thread. This may be called 2012a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // multiple times during the life of the DatabaseManager. Should be called 2022a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // on IO thread. If shutdown is true, the manager is disabled permanently. 2032a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) void StopOnIOThread(bool shutdown); 2042a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 2052a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) protected: 2062a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) virtual ~SafeBrowsingDatabaseManager(); 2072a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 20868043e1e95eeb07d5cae7aca370b26518b0867d6Torne (Richard Coles) // protected for tests. 20968043e1e95eeb07d5cae7aca370b26518b0867d6Torne (Richard Coles) void NotifyDatabaseUpdateFinished(bool update_succeeded); 21068043e1e95eeb07d5cae7aca370b26518b0867d6Torne (Richard Coles) 2112a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) private: 2122a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) friend class base::RefCountedThreadSafe<SafeBrowsingDatabaseManager>; 2132a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) friend class SafeBrowsingServerTest; 2142a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) friend class SafeBrowsingServiceTest; 2152a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) friend class SafeBrowsingServiceTestHelper; 21658537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) friend class SafeBrowsingDatabaseManagerTest; 217f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) FRIEND_TEST_ALL_PREFIXES(SafeBrowsingDatabaseManagerTest, GetUrlThreatType); 2182a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 2192a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) typedef std::set<SafeBrowsingCheck*> CurrentChecks; 2202a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) typedef std::vector<SafeBrowsingCheck*> GetHashRequestors; 2212a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) typedef base::hash_map<SBPrefix, GetHashRequestors> GetHashRequests; 2222a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 2232a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Clients that we've queued up for checking later once the database is ready. 2242a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) struct QueuedCheck { 22558537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) QueuedCheck(const safe_browsing_util::ListType check_type, 22658537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) Client* client, 22758537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) const GURL& url, 22858537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) const std::vector<SBThreatType>& expected_threats, 22958537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) const base::TimeTicks& start); 23058537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) ~QueuedCheck(); 2312a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) safe_browsing_util::ListType check_type; 2322a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) Client* client; 2332a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) GURL url; 23458537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) std::vector<SBThreatType> expected_threats; 2352a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) base::TimeTicks start; // When check was queued. 2362a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) }; 2372a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 238f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) // Return the threat type from the first result in |full_hashes| which matches 239f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) // |hash|, or SAFE if none match. 240f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) static SBThreatType GetHashThreatType( 241f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) const SBFullHash& hash, 242f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) const std::vector<SBFullHashResult>& full_hashes); 243f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) 244f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) // Given a URL, compare all the possible host + path full hashes to the set of 245f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) // provided full hashes. Returns the threat type of the matching result from 246f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) // |full_hashes|, or SAFE if none match. 247f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) static SBThreatType GetUrlThreatType( 248f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) const GURL& url, 249f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) const std::vector<SBFullHashResult>& full_hashes); 250f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) 2512a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Called to stop operations on the io_thread. This may be called multiple 2522a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // times during the life of the DatabaseManager. Should be called on IO 2532a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // thread. 2542a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) void DoStopOnIOThread(); 2552a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 2562a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Returns whether |database_| exists and is accessible. 2572a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) bool DatabaseAvailable() const; 2582a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 2592a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Called on the IO thread. If the database does not exist, queues up a call 2602a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // on the db thread to create it. Returns whether the database is available. 2612a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // 2622a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Note that this is only needed outside the db thread, since functions on the 2632a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // db thread can call GetDatabase() directly. 2642a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) bool MakeDatabaseAvailable(); 2652a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 2662a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Should only be called on db thread as SafeBrowsingDatabase is not 2672a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // threadsafe. 2682a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) SafeBrowsingDatabase* GetDatabase(); 2692a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 2702a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Called on the IO thread with the check result. 2712a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) void OnCheckDone(SafeBrowsingCheck* info); 2722a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 2732a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Called on the database thread to retrieve chunks. 2742a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) void GetAllChunksFromDatabase(GetChunksCallback callback); 2752a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 2762a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Called on the IO thread with the results of all chunks. 2772a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) void OnGetAllChunksFromDatabase(const std::vector<SBListChunkRanges>& lists, 2782a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) bool database_error, 2792a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) GetChunksCallback callback); 2802a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 2812a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Called on the IO thread after the database reports that it added a chunk. 2822a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) void OnAddChunksComplete(AddChunksCallback callback); 2832a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 2842a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Notification that the database is done loading its bloom filter. We may 2852a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // have had to queue checks until the database is ready, and if so, this 2862a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // checks them. 2872a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) void DatabaseLoadComplete(); 2882a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 2892a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Called on the database thread to add/remove chunks and host keys. 290f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) void AddDatabaseChunks(const std::string& list, 291f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) scoped_ptr<ScopedVector<SBChunkData> > chunks, 2922a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) AddChunksCallback callback); 2932a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 294f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) void DeleteDatabaseChunks( 295f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) scoped_ptr<std::vector<SBChunkDelete> > chunk_deletes); 2962a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 2972a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) void NotifyClientBlockingComplete(Client* client, bool proceed); 2982a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 2992a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) void DatabaseUpdateFinished(bool update_succeeded); 3002a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 3012a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Called on the db thread to close the database. See CloseDatabase(). 3022a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) void OnCloseDatabase(); 3032a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 3042a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Runs on the db thread to reset the database. We assume that resetting the 3052a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // database is a synchronous operation. 3062a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) void OnResetDatabase(); 3072a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 3082a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Internal worker function for processing full hashes. 3092a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) void OnHandleGetHashResults(SafeBrowsingCheck* check, 3102a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) const std::vector<SBFullHashResult>& full_hashes); 3112a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 3122a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Run one check against |full_hashes|. Returns |true| if the check 3132a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // finds a match in |full_hashes|. 3142a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) bool HandleOneCheck(SafeBrowsingCheck* check, 3152a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) const std::vector<SBFullHashResult>& full_hashes); 3162a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 3172a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Invoked by CheckDownloadUrl. It checks the download URL on 3182a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // safe_browsing_thread_. 3192a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) void CheckDownloadUrlOnSBThread(SafeBrowsingCheck* check); 3202a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 3212a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // The callback function when a safebrowsing check is timed out. Client will 3222a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // be notified that the safebrowsing check is SAFE when this happens. 3232a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) void TimeoutCallback(SafeBrowsingCheck* check); 3242a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 3252a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Calls the Client's callback on IO thread after CheckDownloadUrl finishes. 3262a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) void CheckDownloadUrlDone(SafeBrowsingCheck* check); 3272a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 3282a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Checks all extension ID hashes on safe_browsing_thread_. 3292a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) void CheckExtensionIDsOnSBThread(SafeBrowsingCheck* check); 3302a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 3312a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Helper function that calls safe browsing client and cleans up |checks_|. 3322a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) void SafeBrowsingCheckDone(SafeBrowsingCheck* check); 3332a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 3342a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Helper function to set |check| with default values and start a safe 3352a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // browsing check with timeout of |timeout|. |task| will be called on 3362a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // success, otherwise TimeoutCallback will be called. 3372a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) void StartSafeBrowsingCheck(SafeBrowsingCheck* check, 3382a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) const base::Closure& task); 3392a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 3402a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // SafeBrowsingProtocolManageDelegate override 3412a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) virtual void ResetDatabase() OVERRIDE; 3422a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) virtual void UpdateStarted() OVERRIDE; 3432a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) virtual void UpdateFinished(bool success) OVERRIDE; 3442a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) virtual void GetChunks(GetChunksCallback callback) OVERRIDE; 345f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) virtual void AddChunks(const std::string& list, 346f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) scoped_ptr<ScopedVector<SBChunkData> > chunks, 3472a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) AddChunksCallback callback) OVERRIDE; 3482a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) virtual void DeleteChunks( 349f8ee788a64d60abd8f2d742a5fdedde054ecd910Torne (Richard Coles) scoped_ptr<std::vector<SBChunkDelete> > chunk_deletes) OVERRIDE; 3502a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 3512a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) scoped_refptr<SafeBrowsingService> sb_service_; 3522a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 3532a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) CurrentChecks checks_; 3542a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 3552a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Used for issuing only one GetHash request for a given prefix. 3562a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) GetHashRequests gethash_requests_; 3572a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 3582a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // The persistent database. We don't use a scoped_ptr because it 3592a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // needs to be destroyed on a different thread than this object. 3602a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) SafeBrowsingDatabase* database_; 3612a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 3622a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Lock used to prevent possible data races due to compiler optimizations. 3632a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) mutable base::Lock database_lock_; 3642a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 3652a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Whether the service is running. 'enabled_' is used by the 3662a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // SafeBrowsingDatabaseManager on the IO thread during normal operations. 3672a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) bool enabled_; 3682a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 3692a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Indicate if download_protection is enabled by command switch 3702a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // so we allow this feature to be exersized. 3712a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) bool enable_download_protection_; 3722a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 3732a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Indicate if client-side phishing detection whitelist should be enabled 3742a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // or not. 3752a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) bool enable_csd_whitelist_; 3762a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 3772a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Indicate if the download whitelist should be enabled or not. 3782a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) bool enable_download_whitelist_; 3792a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 3802a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Indicate if the extension blacklist should be enabled. 3812a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) bool enable_extension_blacklist_; 3822a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 38390dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) // Indicate if the side effect free whitelist should be enabled. 38490dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) bool enable_side_effect_free_whitelist_; 38590dce4d38c5ff5333bea97d859d4e484e27edf0cTorne (Richard Coles) 3860f1bc08d4cfcc34181b0b5cbf065c40f687bf740Torne (Richard Coles) // Indicate if the csd malware IP blacklist should be enabled. 3870f1bc08d4cfcc34181b0b5cbf065c40f687bf740Torne (Richard Coles) bool enable_ip_blacklist_; 3880f1bc08d4cfcc34181b0b5cbf065c40f687bf740Torne (Richard Coles) 3892a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // The SafeBrowsing thread that runs database operations. 3902a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // 3912a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Note: Functions that run on this thread should run synchronously and return 3922a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // to the IO thread, not post additional tasks back to this thread, lest we 3932a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // cause a race condition at shutdown time that leads to a database leak. 3942a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) scoped_ptr<base::Thread> safe_browsing_thread_; 3952a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 3962a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Indicates if we're currently in an update cycle. 3972a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) bool update_in_progress_; 3982a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 3992a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // When true, newly fetched chunks may not in the database yet since the 4002a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // database is still updating. 4012a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) bool database_update_in_progress_; 4022a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 4032a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Indicates if we're in the midst of trying to close the database. If this 4042a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // is true, nothing on the IO thread should access the database. 4052a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) bool closing_database_; 4062a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 4072a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) std::deque<QueuedCheck> queued_checks_; 4082a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 4092a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) // Timeout to use for safe browsing checks. 4102a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) base::TimeDelta check_timeout_; 4112a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 4122a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) DISALLOW_COPY_AND_ASSIGN(SafeBrowsingDatabaseManager); 4132a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)}; 4142a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles) 4152a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#endif // CHROME_BROWSER_SAFE_BROWSING_DATABASE_MANAGER_H_ 416